2004-07-30

(FOSS) e-governance Takes Penguin To Rural India

CXOtoday

"What sounds really hard to digest, is the fact that a body as 'red-taped' as the Indian government has jumped on to the Open Source bandwagon both quickly and efficiently."

Another quote:

"Until a few years back, Linux was simply branded as an 'experiment' in government circles, and now its not. Period."

However, the rest of the article is somewhat mixed in its euphoria, I am sorry to note. And then there's the dark side of governance in India:

"Also, we face resistance from a certain section of the society that opposes the influx of technology, primarily because of the transparencies that it introduces into the system."

better than gmail? well not yet...

Oddpost and Yahoo!

"On the contrary: our technology will flourish like a palm tree and/or IT professional's waistline in Silicon Valley."

2004-07-22

(funny) well, one out of four isn't bad...

Psychologists need to get a life. Look at this:

Oi, Saddo, show us your home page!

"Got your own homepage? Then you are probably shy, sensitive to criticism and suffering from low self esteem. Chances are, you are male too."

"So says the psychologists of the Chemnitz University of Technology (CUT) in Germany, who interviewed more than 300 webpage owners."

Well, I suppose 25% is not a bad score in this field, poor guys :-)

2004-07-14

...and the geek shall inherit the earth!

This is a blatantly hero-worshipping page about Dr A P J Abdul Kalam. You have been warned :-)

I just had the privilege of seeing this great man once again (second time in two weeks -- I must be going up in life!)

2004-07-12

(FOSS,life) when it's cool to like China!

I know India and China have been traditional adversaries, but this article evoked some (grudging?) respect from me.

wait, don't go away... this is not about Linux, even though that is how the article came to my attention! Read the article, and you will see...

Linux News: Commentary: China's Love of Linux Has Roots in Ancient Past

"If Alford is right, the real reason why the Chinese government and software industry are so supportive of Linux could be because Linux is, instinctively, much more in tune with ancient Chinese philosophy."

China hasn't been a model "world citizen" in many respects, and although I don't care much for politics, I can't but dislike such systems of governments.

But it seems to me, after reading the above article, that a common mistake most people (including myself, of course) make must surely be that of judging a people by the actions of their governments!

Even if you are not in the IT industry, or don't care two hoots about open source, you may still find that you enjoy the basic premise of this article, and -- for people who are not habitually cynical, who knows, it may even give you some warm fuzzies!

2004-07-08

(malware) slate.msn.com says

Are the Browser Wars Back? - How Mozilla's Firefox trumps Internet Explorer. By Paul Boutin

"...but it was enough to make me ditch Explorer in favor of the much less vulnerable Firefox browser."

The best part is that this quote/article come from a site owned by Microsoft!

For more details, see CERT says "dump IE".

President Kalam calls for open source in defense

Of course, I knew this already, since I was actually at the event mentioned (yours truly presented a paper, hem hem!) but I figure once a non-Indian, non-slashdot, site talks about it, it's time to blog it!

Indian president calls for open source in defense | CNET News.com

"In another public-sector boost to open-source software, Indian President A.P.J. Abdul Kalam called for his country's military to use such nonproprietary technology to ward off cybersecurity threats."

2004-07-07

free digital certificates?

O'Reilly Network: CAcert: Digital certificates become free [Jun. 30, 2004]

"CAcert's resourceful Australian originators took a hard look at the infrastructure that's really necessary to operate a Certificate Authority, and found that it was fairly small."

Hmm...

2004-07-06

(funny,security) Not enough of a deterrent!

The following article first struck me as being merely very funny, but -- like in many things funny -- there is an important lesson here, in this case about security:

(photography) how did I choose what digital camera to buy?

[P: this is for you. Until now, everyone who asked got this file by email, but now that I have this site, I figure I just paste it in here so I have a URL to send instead of the file. You're already the 6th guy asking me for this info so this will reduce my "support costs" :-)]

Note to all: this post has lots of <pre> text, and is completely useless on blogspot. Go look for it on my real blog, link somewhere on the left...

(photography) High-end phones as usable digital cameras?

If, like me, you've recently purchased a brand-new digital camera (hi RS, RN, CR, RK!!) you may have people tell you stuff like this:

Yahoo! News - Megapixel Phones Encroach on Digital Camera Turf

"Asia's top mobile phone makers are rolling out handsets equipped with cameras so advanced many consumers may come to the conclusion they don't need a separate digital camera any more."

However, the same article goes on to explain:

"Megapixels are anyway waning as the main factor influencing purchases as people become better informed about specifications like lens quality, zoom performance and data storage capacity and special features such as anti-shake protection."

As a friend of mine who has a pretty decent camera phone knows, the fact that it is always around makes it more susceptible to wear and damage than a proper camera. The lenses on these are bad enough to start with; daily exposure to the elements doesn't help!

Updated 2005-07-24 13:51

But what's more important is the quality and number of lenses. Real cameras have multiple lenses in groups (you might see phrases like "7 lenses in 4 groups", for instance), and this is necessary to overcome various aberrations and distortions that a single lens or a smaller set of lenses cannot overcome. And then there's the lack of a proper autofocus mechanism, on most phone-cameras. Ultimately, it's the size of the instrument that causes the problem.

I've seen Sony T-3s and Casio Exilims suffer from the same problem as cameras added on to phones, although less severely. The pictures are fuzzy except for the ones shot in the conditions that are most ideal for this particular lens assembly (usually bright day, outdoors, medium distant object like a building or a tree). Anything else just sucks, when you compare it to a corresponding image taken with a real (even if it is compact) camera).

I myself now have a Motorola A780 Linux phone, with an integrated 1.3 MP camera, but I hardly use the camera except for emergencies or for fun. No photo from that camera can make me proud!!! w my Canon A80, on the other hand, is truly worth special treatment in the taking of photographs, and can handle a lot of variations (within reason).

Worth a switch even without the 1000MB email quota!

It's worth switching to gmail even if it just had 100 MB or so of email quota, like Yahoo Mail now does.

The user interface is absolutely stunning -- if you've been using web-based email for a while, and have occasionally been frustrated by the UI, this will blow you away. Clearly, Google has done its homework. The interface is fast enough and slick enough to make it almost seem like a local email client like Thunderbird.

So... if you use web-based email frequently, beg, borrow, or steal an invite, because gmail is still in "beta" status and you cannot just sign on.

One interesting thing about this invite business: when I was first offered an invite, I declined. I already have 6 distinct email addresses, and having one more was not very appealing. Bad move. By the time I realised the interface was too cool to pass up, sitaram@gmail.com was gone, and I had to settle for sitaramc@gmail.com!

Finally, for those who saw the brouhaha about the loss of privacy due to the targeted ads, which work by "reading" your email: yes it could be a problem. But if you think you have any privacy with any email where the server is not under your direct control, you can continue to live in your paradise ;-) Beside which, most people would trust google a lot more then they would trust the beast anyway; if google says "we wont look at it ourselves, only our computers will", then that is it. They have actually earned that level of trust from normally cynical people!

2004-07-02

(malware) US CERT says time to dump IE

[Summary: until now, flaws in MS IE would affect you only if you visited malicious sites. Now, hackers can turn any site running MS IIS into a malicious one, so even a site you normally trust can hurt you; a backdoor program is installed on your machine that captures your passwords etc., and sends them back to the hacker]

Updated with various links and pointers to more info; see bottom of article. In particular, see http://slate.msn.com/id/2103152/ -- a site owned by Microsoft says "...but it was enough to make me ditch Explorer in favor of the much less vulnerable Firefox browser." :-)


People who know me well enough have heard me say this long ago, but it is somewhat unprecedented for US CERT (Computer Emergency Response Team, one of the main clearinghouses for security information of all kinds), to do so. http://www.kb.cert.org/vuls/id/713878 says:
There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser.
This is actually linked as "additional information" from CERT's "current activity" page for July 2nd, at http://www.us-cert.gov/current/archive/2004/07/02/archive.html , which says:
Users should be aware that any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code.
What is scary is the phrase "even those that may be trusted by the user". We've always known that visiting malicious sites can cause big problems, but if you generally stuck to the straight and narrow and did not access any pr0n sites or other shady stuff, you were safe. Not any more; a flaw in MS IIS (MS's apology for a web server!) apparently allows hackers to turn any website against its users, and visiting such a site installs a backdoor program that captures passwords and sends them to the hacker! This is bad.

Securityfocus has another, even more hard-hitting article that says it is Time to Dump Internet Explorer; this one is more fun to read :-)

The latest version of IE is 6, and it has certainly accumulated an impressive record of holes: 153 since 18 April 2001, according to the SecurityFocus Vulnerabilities Archive. There have been some real doozies in there. For instance, last August, Microsoft issued a patch that fixed a hole that the company described this way: "It could be possible for an attacker who exploited this vulnerability to run arbitrary code on a user's system. If a user visited an attacker's Web site, it would be possible for the attacker to exploit this vulnerability without any other user action." Oh, is that all? Well, that's super...

As I said, most of you have heard me say this long, long, ago. Even during the days I had Windows as my main desktop, I used firefox for all my browsing. [I used IE only for the corporate website, which has an invalid X509 certificate, and so Firefox -- quite correctly, I might add -- refuses to load it!]

I repeat: if you havent installed firefox yet, please download and install it ASAP. AND START USING IT! By all means let me know if you need help, but please stop using IE.

Friends don't let friends use IE...


Other link(s):
  • http://slate.msn.com/id/2103152/
    "...but it was enough to make me ditch Explorer in favor of the much less vulnerable Firefox browser."
    The best part of that quote is that it comes from a site that is owned by Microsoft! Great!!

  • http://www.washingtonpost.com/wp-dyn/articles/A6746-2004Jun25.html

  • http://news.com.com/2100-7349_3-5247187.html?tag=prntfr
    "There's a pretty wide variety," he said. "There are auction sites,
    price comparison sites and financial institutions."

    The Internet Storm Center, which monitors Net threats, confirmed that the list of infected sites included some large Web properties.
    "We won't list the sites that are reported to be infected in order to prevent further abuse, but the list is long and includes businesses that we presume would normally be keeping their sites fully patched," the group stated on its Web site.

  • http://linuxtoday.com/infrastructure/2004062501826OPDTSW
    This is a piece of software--a closed source, and therefore supposedly (ha!) more secure piece of software, mind you--that is constantly having innumerable flaws exposed and taken advantage of. In the recent past, it was download this, and you're doomed. Open this, and you're in trouble.

    Now, it's: open any page on a Web site running a Microsoft Internet Information Server, and you potentially could be infected.

  • http://news.netcraft.com/archives/2004/07/05/browser_wars_to_recommence.html
    One is the extreme gravity of the latest phishing scams: victims of
    phishing attacks might conceivably lose their life savings. Some
    people now perceive Internet Explorer and Internet Banking as a
    potentially lethal cocktail that must not be mixed, with insiders in
    the banking industry urging their families to switch if not operating systems, then at least browsers, while conversely some internet banking customers have adapted to the threat by forgoing convenience and moving funds back into accounts which require traditional telephone and fax instructions.
  • http://www.eweek.com/article2/0,1759,1618052,00.asp
    Johannes Ullrich, a handler at the Internet Storm Center at The SANS Institute in Bethesda, Md., wrote, "A large number of Web sites, some of them quite popular, were compromised earlier this week to distribute malicious code."
    [...]

    Maybe this was just another massive Internet security prank. Maybe all that will happen is a DDoS attack. Well, you can hope that's all thereis to it and continue to use IE. But as for me, I'm done with it.